How to enable SharePoint Search on a Claims Based Authentication site that is not part of a domain

A special thank you to Shane Young of SharePoint 911 for helping me find this article and pointing me in the right direction.

I discovered the initial problem of search not working shortly after I implemented CBA (Claims Based Authentication) and that led me down many incorrect paths until Shane pointed out the key problem was that my query component in the search services page of the SharePoint 2010 Central Admin was stuck on "Initializing". This is what led to Søren Nielsen's blog and the eventual discovery of the root issue being that my SharePoint 2010 machine was not a member of a domain. My additions will be noted by a complete line of red text with asterisks ****below.

An Excerpt below from Søren Nielsen's blog post sums up the problem of what search will not work on a machine that is not joined to a domain. I disc

The Trouble with Search

Search will fail with a number of errors and in the search administration the Query Component will remain stuck in the initializing state:

The other bunch of event log errors etc. is listed at the end of this post for the benefit of Google.

As far as I can conjecture the problem is that the timer service is trying to setup a network share for every query component where the crawlers can dump their data. It is trying to setup that share with a domain account that happens to be a local user instead in this case and fails with either an "Access Denied" error or a "System.ArgumentException: The SDDL string contains an invalid SID or a SID that cannot be translated".

The share name it's trying to use is the same as the query role, i.e. "Guid-query-0″ pointing to (if using default locations) "C:\program files\Microsoft Office Servers\14.0\Data\Office Server\Applications" with change permissions for the "WSS_WPG" group.

Unfortunately it does not help to just create the share for it apparently the query components insist on waiting for the timer job to complete successfully

The Search Fix

The fix is fairly simple and almost completed by Gary Lapointe whom I owe great thanks for doing most of the hard work in his post on scripting the Enterprise Search installation and the comments below his post (thanks to Marco van Wieren).

The fix is simply to create and configure all the enterprise search components from PowerShell as it allows you to set a few more options, specifically the share name for the query components so that you are then allowed to create them yourself.

The script was originally made for configuring search components across an entire farm and therefore a bit more complicated than it strictly has to be. I left it in there while adding support for single server install as well. Gary's script was made for beta 2 and I've fixed a few simple errors/typos, corrected the few API changes between beta 2 and RTM and finally added the share name support.

The script is quite long a not suitable for pasting into a blog – download instead.

****I have actually changed the script to execute the function when run. If you would like to use my script for an out of the box solution it can be downloaded here:****

The Share Name (here "SearchShare") will be created by the script as well, so whatever you call it doesn't matter

The config file shown can be reused on every machine provided that the local service account "saservice" has been created before

To continue and complete step 5 in the procedure above (sorry for the numbering wordpress is messing up the html):

Start PowerShell shell (I will load the SharePoint snapin if it's not a SharePoint Management Shell)

Load the "SetupEnterpriseSearch.ps1″ script (just drag the file into the shell and execute) which will define the required functions

Execute "Start-EnterpriseSearch "<path>\searchconfig.xml""

Wait for a few minutes and watch for errors

Go to the Search Administration and verify that your new search topology works

It should look something like this:

If you configured search in step 4 you will have two

If you have two you can safely go back to "Manage service applications" and delete the one named "Search Service Application 1″ (and associated databases) – the one created by the script is "Enterprise Search Service Application"

Try it! Go to a local SharePoint site and search for something

Before the search would return a server error 500 so anything else than that can be considered a success

I like to add a few documents and have them show up in the search before I call it a success…

****I have made alterations to the steps above if you are using my altered files where the powershell script calls the function inside of it.****

The config file name in my script is spsearchconfig.xml and it is referenced in 2 places in the SetupEnterpriseSearch.ps1 PowerShell script

Comments

You can follow this conversation by subscribing to the comment feed for this post.

Wonderful article. Nobody seems to think about this greatly. I see hundreds that are the default which I saw later, but it makes a world of difference to customize it to your own site. I have even choose to buy Sample Example Essay, hope this will assist. Thanks for the tips!